public class AssumeRoleWithOIDCRequest
extends com.aliyun.tea.TeaModel
| 限定符和类型 | 字段和说明 |
|---|---|
Long |
durationSeconds
The validity period of the STS token.
|
String |
OIDCProviderArn
The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.
|
String |
OIDCToken
The OIDC token that is issued by the external IdP.
|
String |
policy
The policy that specifies the permissions of the returned STS token.
|
String |
roleArn
The ARN of the RAM role.
|
String |
roleSessionName
The custom name of the role session.
|
| 构造器和说明 |
|---|
AssumeRoleWithOIDCRequest() |
| 限定符和类型 | 方法和说明 |
|---|---|
static AssumeRoleWithOIDCRequest |
build(Map<String,?> map) |
Long |
getDurationSeconds() |
String |
getOIDCProviderArn() |
String |
getOIDCToken() |
String |
getPolicy() |
String |
getRoleArn() |
String |
getRoleSessionName() |
AssumeRoleWithOIDCRequest |
setDurationSeconds(Long durationSeconds) |
AssumeRoleWithOIDCRequest |
setOIDCProviderArn(String OIDCProviderArn) |
AssumeRoleWithOIDCRequest |
setOIDCToken(String OIDCToken) |
AssumeRoleWithOIDCRequest |
setPolicy(String policy) |
AssumeRoleWithOIDCRequest |
setRoleArn(String roleArn) |
AssumeRoleWithOIDCRequest |
setRoleSessionName(String roleSessionName) |
@NameInMap(value="DurationSeconds") public Long durationSeconds
The validity period of the STS token. Unit: seconds.
Default value: 3600. Minimum value: 900. Maximum value: the value of the MaxSessionDuration parameter.
For more information about how to specify MaxSessionDuration, see CreateRole or UpdateRole.
3600
@NameInMap(value="OIDCProviderArn") public String OIDCProviderArn
The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.
You can view the ARN in the RAM console or by calling operations.
acs:ram::113511544585****:oidc-provider/TestOidcIdp
@NameInMap(value="OIDCToken") public String OIDCToken
The OIDC token that is issued by the external IdP.
The OIDC token must be 4 to 20,000 characters in length.
example:You must enter the original OIDC token. You do not need to enter the Base64-encoded OIDC token.
eyJraWQiOiJKQzl3eHpyaHFKMGd0****
@NameInMap(value="Policy") public String policy
The policy that specifies the permissions of the returned STS token. You can use this parameter to grant the STS token fewer permissions than the permissions granted to the RAM role.
The value must be 1 to 2,048 characters in length.
example:{"Statement": [{"Action": [""],"Effect": "Allow","Resource": [""]}],"Version":"1"}
@NameInMap(value="RoleArn") public String roleArn
The ARN of the RAM role.
You can view the ARN in the RAM console or by calling operations.
acs:ram::113511544585****:role/testoidc
@NameInMap(value="RoleSessionName") public String roleSessionName
The custom name of the role session.
Set this parameter based on your business requirements. In most cases, this parameter is set to the identity of the user who calls the operation, for example, the username. In ActionTrail logs, you can distinguish the users who assume the same RAM role to perform operations based on the value of the RoleSessionName parameter. This way, you can perform user-specific auditing.
The value can contain letters, digits, periods (.), at signs (@), hyphens (-), and underscores (_).
The value must be 2 to 64 characters in length.
example:TestOidcAssumedRoleSession
public static AssumeRoleWithOIDCRequest build(Map<String,?> map) throws Exception
Exceptionpublic AssumeRoleWithOIDCRequest setDurationSeconds(Long durationSeconds)
public Long getDurationSeconds()
public AssumeRoleWithOIDCRequest setOIDCProviderArn(String OIDCProviderArn)
public String getOIDCProviderArn()
public AssumeRoleWithOIDCRequest setOIDCToken(String OIDCToken)
public String getOIDCToken()
public AssumeRoleWithOIDCRequest setPolicy(String policy)
public String getPolicy()
public AssumeRoleWithOIDCRequest setRoleArn(String roleArn)
public String getRoleArn()
public AssumeRoleWithOIDCRequest setRoleSessionName(String roleSessionName)
public String getRoleSessionName()
Copyright © 2025. All rights reserved.